CVE-2025-56605

A reflected Cross-Site Scripting XSS vulnerability exists in the register.php backend script of PuneethReddyHC Event Management System 1.0. The mobile POST parameter is improperly validated and echoed back in the HTTP response without sanitization, allowing an attacker to inject and execute...

Online Event Judging System action.php File SQL Injection Vulnerability

Online Event Judging System is an online event judging system. Online Event Judging System suffers from a SQL injection vulnerability, which originates from the lack of validation of externally entered SQL statements in the parameter content in the file /ajax/action.php. An attacker can exploit...

CVE-2025-58725

CVE-2025-58725 is described in connected documents as a heap-based buffer overflow in Windows COM that allows a locally authenticated attacker to elevate privileges. The CVE is associated with Windows COM components, with a CVSS v3.1 score of 7.0 (Local, High impact, Privilege escalation) and Exp...

CVE-2025-58725 Windows COM+ Event System Service Elevation of Privilege Vulnerability

...

CVE-2025-58725 Windows COM+ Event System Service Elevation of Privilege Vulnerability

...

Windows COM+ Event System Service Elevation of Privilege Vulnerability

Heap-based buffer overflow in Windows COM allows an authorized attacker to elevate privileges locally...

EUVD-2020-8858

Malware in sbrugna...

EUVD-2024-27467

Malicious code in bioql PyPI...

EUVD-2025-24814

Malicious code in bioql PyPI...

Online Event Judging System create_account.php File SQL Injection Vulnerability

Online Event Judging System is an online event judging system. Online Event Judging System suffers from a SQL injection vulnerability that originates from the lack of validation of an externally-entered SQL statement in the parameter fname in the file /createaccount.php. The vulnerability can be...

CVE-2025-9036

A security issue in the runtime event system allows unauthenticated connections to receive a reusable API token. This token is broadcasted over a WebSocket and can be intercepted by any local client listening on the connection...

CVE-2025-9036

A security issue in the runtime event system allows unauthenticated connections to receive a reusable API token. This token is broadcasted over a WebSocket and can be intercepted by any local client listening on the connection...

CVE-2025-9036

Rockwell Automation FactoryTalk Action Manager (v1.0.0 Runtime) is affected by a vulnerability in its runtime event system that permits unauthenticated local access to a reusable API token. The token is broadcast over a WebSocket and can be intercepted by any local client listening on the connect...

PT-2025-33277 · Unknown · Runtime Event System

Name of the Vulnerable Software and Affected Versions: runtime event system affected versions not specified Description: A security issue in the runtime event system allows unauthenticated connections to receive a reusable API token. This token is broadcasted over a WebSocket and can be intercept...

CVE-2024-33992

Cross-Site Scripting XSS vulnerability in School Event Management System affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted query to the server and retrieve all the information stored in it through the 'view' parameter in '/student/index.php'...

CVE-2024-33987

Cross-Site Scripting XSS vulnerability in School Attendance Monitoring System and School Event Management System affecting version 1.0. An attacker could create a specially crafted URL and send it to a victim to obtain details of their session cookie via the 'Attendance', 'attenddate', 'YearLevel...

School Event Management System 安全漏洞

School Event Management System is a school event management system. A security vulnerability exists in School Event Management System version 1.0. The vulnerability can be exploited to send a specially crafted JavaScript load to a user to take over their browser session via the "id" and "view in...

School Event Management System 跨站脚本漏洞

School Event Management System is a school event management system. A cross-site scripting vulnerability exists in School Event Management System version 1.0. An attacker can create a specially crafted URL and send it to a victim to obtain their session details via the "view" parameter in...

School Event Management System 跨站脚本漏洞

School Event Management System is a school event management system. A cross-site scripting vulnerability exists in School Event Management System version 1.0. An attacker can create a specially crafted URL and send it to a victim to obtain their session details via the "view" parameter in...

CVE-2024-3524

A vulnerability, which was classified as problematic, has been found in Campcodes Online Event Management System 1.0. This issue affects some unknown processing of the file /views/process.php. The manipulation of the argument name leads to cross site scripting. The attack may be initiated remotel...